> > It is unfortunate that RedHat's SU keeps the same environment and
> > specially the same PATH as this leaves the user open to a trivial
> > attack
>
> This only is a problem if you "su" from someone else's account,
> something a good administrator should be wary of. Otherwise "." should
> either be at the end of your path, or not there at all if you have root
> privileges.
>
This is not the only problem. There is another one in the fact that
every program you run could either modify your .bash_profile or modify
the environment+silently fork a shell. The net effect is that if one
day you do an su you could find that it is not the real 'ls' or 'cp'
who is executing. As Root you are supposed to run only a small number
of _trusted_ programs needed for system administration, as normal user
you run a far greater variety of programs as this is needed for real
work. Threse greater variety means more potential for mischief so it
should not be allowed that SU inherits environment and specially the
path because you never know if the user has still an untampered
environmant.
> Believe me, resetting the path may be more secure, but it's a lot more
> of a pain if you go back and forth from root a lot. In business
> environments most users are "trusted" (or rather "trustable") so there
> isn't much of an issue anyway. As far as the argument about out of the
> box safety and the small user, well in that case it is unlikely that
> they'll be using their system for multi-user and they won't be su-ing
> from anyone else.
>
Ok you don't have untrusted users but you could have trojans.
> I can't speak for ksh, sh, or bash, but at least in "csh" it's pretty
> easy to make your ".cshrc" (which is always run on a new shell) fix
> things up if you really want. This could be used to argue either way of
> course.
>
You can do this with bash, but it is useless because modifying your
.bashrc OR .CSHRC is the first thing the trojan will do.
Like I said there are distributions eg Caldera who make it nearly
right so this one occasion where RH should forget about the Not
Invented Here syndrom investigate their solution and try to improve
it.
--
Jean Francois Martinez
Project Independence: Linux for the Masses
http://www.independence.seul.org
--
To unsubscribe:
mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
